While performing the Module 8 challenge lab for AWS Academy Solutions Architecting course. I received the following error message while performing Task 4 when I go for adding IAMReadOnlyAccess
to Olivia(an imaginary person who acts as Database Admin in this lab):
User: <arn> assumed-role/voclabs/<username> is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy action
. Here <arn> and <username>
are most probably different for everyone hence I didn't explicitly mention them.
I would like to know how can I resolve this error.
I figured out the mistake. Students don't have enough access to directly add policies to singular Users
in this lab (as I was trying to do). We have to add policy to User groups
. It worked when I attached the policies directly to DBAdministrators
group (of which Olivia is a member).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.